build nginx with custom modules
parent
f775c42454
commit
9700b9c08d
|
@ -3,4 +3,19 @@
|
||||||
nixpkgs.config.packageOverrides = pkgs: rec {
|
nixpkgs.config.packageOverrides = pkgs: rec {
|
||||||
spdev = import ./../pkgs { inherit pkgs; };
|
spdev = import ./../pkgs { inherit pkgs; };
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: {
|
||||||
|
nginx = super.nginxMainline.override {
|
||||||
|
withDebug = false;
|
||||||
|
withStream = false;
|
||||||
|
modules = [
|
||||||
|
pkgs.nginxModules.rtmp
|
||||||
|
pkgs.nginxModules.dav
|
||||||
|
pkgs.nginxModules.moreheaders
|
||||||
|
pkgs.nginxModules.modsecurity-nginx
|
||||||
|
];
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
{ pkgs, config, ... }:
|
{ lib, pkgs, config, ... }:
|
||||||
let
|
let
|
||||||
domain = config.services.userdata.domain;
|
domain = config.services.userdata.domain;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
systemd.services.nginx.serviceConfig.SystemCallFilter = lib.mkForce "~@cpu-emulation @debug @keyring @mount @obsolete @privileged @setuid";
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableReload = true;
|
enableReload = true;
|
||||||
|
package = pkgs.nginx;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
|
|
Loading…
Reference in New Issue